Alternatives and similar repositories for diggity-action

Users that are interested in diggity-action are comparing it to the libraries listed below

• jenkinsci / jacked-plugin
  ☆18Updated 6 months ago
• carbonetes / brainiac
  BrainIAC uses static code analysis to analyze IAC code to detect security issues before deployment. This tool can scan for issues like se…
  ☆71Updated last year
• carbonetes / diggity
  Generates SBOMs for container images, filesystems, archives, and more to Discover packages and libraries Highly scalable data pipelines f…
  ☆109Updated 6 months ago
• interlynk-io / sbomqs
  sbomqs: The Comprehensive SBOM Quality & Compliance Tool
  ☆261Updated this week
• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆95Updated 3 weeks ago
• oscal-compass / compliance-to-policy-go
  Compliance-to-Policy (C2P) provides the framework to bridge the gap between compliance and policy administration in Go.
  ☆23Updated last month
• kubesonde / kubesonde
  Kubesonde: network policy testing and verification in K8s
  ☆15Updated last month
• mlieberman85 / scq
  Supply Chain Query Tool
  ☆13Updated 3 years ago
• act-project / TAC
  Automating Compliance Tooling Project
  ☆22Updated 3 years ago
• ossf / wg-orbit
  ORBIT: Open Resources for Baselines, Interoperability, and Tooling
  ☆21Updated last week
• SBOM-Community / SBOM-Generation
  Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team
  ☆33Updated 2 weeks ago
• StacklokLabs / gofetch
  A MCP server that provides web content fetching capabilities.
  ☆20Updated 2 weeks ago
• anchore / cve-data-enrichment
  ☆16Updated this week
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆22Updated 2 years ago
• guacsec / helm-charts
  Helm Chart for deploying GUAC
  ☆18Updated 7 months ago
• IBM / gauge
  Measure release insights and recommendations for open-source dependencies. Note: this project is archived.
  ☆10Updated 3 years ago
• in-toto / archivista
  Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…
  ☆103Updated this week
• in-toto / ITE
  in-toto Enhancements
  ☆18Updated 10 months ago
• chainguard-dev / stigs
  ☆19Updated 3 weeks ago
• kusaridev / skootrs
  A CLI tool for creating secure by design/default source repos.
  ☆28Updated last year
• anthonyharrison / sbomaudit
  Report on quality of SBOM contents
  ☆24Updated last year
• defenseunicorns / uds-cli
  ☆42Updated last week
• oss-review-toolkit / ort-ci-gitlab
  Use ORT in your GitLab pipelines
  ☆15Updated 2 months ago
• CycloneDX / gh-dotnet-generate-sbom
  GitHub action to generate a CycloneDX SBOM for .NET
  ☆12Updated 5 months ago
• repository-service-tuf / repository-service-tuf
  Umbrella Repository Service for TUF
  ☆57Updated this week
• ossf / OpenVEX
  Vuln Disclosure WG's new SIG
  ☆11Updated 2 years ago
• interlynk-io / sbomasm
  sbomasm: The Complete SBOM Management Toolkit
  ☆98Updated this week
• cbomkit / sonar-cryptography
  This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.
  ☆53Updated last month
• anchore / grype-db
  ☆58Updated this week
• anthonyharrison / lib4vex
  Library to ingest and generate VEX documents
  ☆17Updated 3 months ago